The Case for Zero-Trust Access for the Industrial Internet of Things

Over the last several years, an emerging Industrial Internet of Things (IIoT) has started to converge with Industrial Control Systems (ICS) and other Operational Technology (OT). IIoT uses traditional IT networking protocols and sensors to connect to previously air- gapped OT systems and networks, which used specialty industrial control system protocols such as MODBUS and DNP 3.0.

Operational efficiencies have been driving the convergence of IT and OT, with many OT vendors providing more interoperability with control system protocols. These have used IP-based Human Machine Interface (HMI) systems and have incorporated Ethernet manifestations such as MODBUS/TCP to support further convergence with IT protocols and systems.

While the convergence of IT and OT unlocks valuable data from ICS and provides more operational visibility to make better business decisions, it also can provide nefarious actors access into industrial control networks. Many OT systems have not been properly safeguarded through updated operating system patches, protocol isolation, strong encryption and multi-factor authentication, or network and user access monitoring.

Over half of all industrial sites use unpatchable operating systems such as Windows XP, according to a recent CyberX survey. Many systems that can accept patches are done on an infrequent basis, introducing a host of potential ways to compromise control systems. The last several years have seen some of the most dangerous cybersecurity attacks of all time. Stuxnet, CrashOverride and TRISIS, among others, affected Supervisory Control and Data Acquisition (SCADA) systems, which are the brains for industrial controls as well as engineering workstations and safety systems. Attacks on these types of systems go way beyond credit card and other PII theft. Modern cyberthreats on OT put lives at risk.

Most of these attacks on critical infrastructure systems could have been mitigated or stopped completely if better access controls and system monitoring had been in place.

Legacy ICS access control technologies, such as VPNs, are 20 years old and were originally designed to establish a secure tunnel over the Internet to corporate networks. They were never designed to provide critical system and application access. In addition, VPNs do not isolate systems or protocols, which increases risk if credentials are stolen. The CrashOverride attack used compromised VPN credentials to take down the Ukrainian power grid.

Critical infrastructure segments such as energy, oil and gas, manufacturing, transportation, healthcare and government all utilize OT and need a simpler, more flexible and more secure OT access solution that incorporates a “zero-trust” approach to protecting access to OT systems.

This is an excerpt from “The Case for Zero-Trust Access for the Industrial Internet of Things” white paper by Xona. For more insights, download the pdf.